FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?
Response:
After a monthly change control board meeting at which the team determined the security impact of proposed changes to an application, what would be the team's next action?
Response:
A specific category of information (e.g., privacy, medical, proprietary, financial, investigative, contractor sensitive, security management), defined by an organization or, in some instances, by a specific law, Executive Order, directive, policy, or regulation.
Response:
What will provide a mechanism for evaluating the functions the subsystems perform, their interfaces with other subsystems and connections with other information systems, and how they impact other subsystems, and will permit update of the system design and its incorporation in the security plan?
Response:
NIST SP 800-37 defines this role as an organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems).
Response: